This Morning, as I was checking my E-mail in the various accounts I maintain, I found what I believe to be a real nasty. It was in a yahoo mail account, and niether the Norton that yahoo uses or my CA antivirus software tripped to it (but to be fair I never even tried to open it).
The social engineering is what is going to make this a nasty one.
*** 's accounting dpt notice ***
Internet Billing Notice
Please press "open" and read the attached Billing Notice.

Note if you do not read this withing 24 hours we at regret we will have to terminate internet service.
(Notice the spelling errors)

The attachment has a .hta file extension which should trip some triggers, but probably won't.
I have notified yahoo of the existance of this, but have not heard anything back from them so far.
If anyone wants to play with this and see what makes it tick, PM me your e-mail addy and I will forward it to you intact.